Hackers Using iCloud's Find My iPhone Feature to Remotely Lock Macs and Demand Ransom Payments

Over the last day or two, several Mac users appear to have been locked out of their machines after hackers signed into their iCloud accounts and initiated a remote lock using Find My iPhone.

With access to an iCloud user's username and password, Find My iPhone on iCloud.com can be used to "lock" a Mac with a passcode even with two-factor authentication turned on, and that's what's going on here.

maclockedfindmyiphone
Apple allows users to access Find My iPhone without requiring two-factor authentication in case a person's only trusted device has gone missing.

2faicloud

2-factor authentication not required to access Find My iPhone and a user's list of devices.

Affected users who have had their iCloud accounts hacked are receiving messages demanding money for the passcode to unlock a locked Mac device.


The usernames and passwords of the iCloud accounts affected by this "hack" were likely found through various site data breaches and have not been acquired through a breach of Apple's servers.

Impacted users likely used the same email addresses, account names, and passwords for multiple accounts, allowing people with malicious intent to figure out their iCloud details.

lockmacfindmyiphone

It's easy to lock a Mac with a passcode in Find My iPhone if you have someone's Apple ID and password.

To prevent an issue like this, Apple users should change their Apple ID passwords, enable two-factor authentication, and never use the same password twice. Products like 1Password, LastPass, and even Apple's own iCloud Keychain are ideal ways to generate and store new passwords for each and every website.


Users who have had their Macs locked will need to get in contact with Apple Support for assistance with removing the Find My iPhone lock.

(Thanks, Eli!)

Top Rated Comments

miketcool Avatar
50 months ago
Meh, this is why things live on external drives. If I lost or had my laptop stolen, I'd wipe it and be back up and running in 25 minutes without the hassle.
Score: 19 Votes (Like | Disagree)
I Need a Drink Avatar
50 months ago
Nice job MR. I only emailed them about this 4 weeks ago and asked that they run a story to inform people that this was going on.

I also emailed Apple about the issue with a simple suggestion. What they need to do is to require the device password when you try to lock a device from Find My iPhone on the web. When you go to remote lock a device you enter a lock passcode and the device's password or passcode. When that is sent to the Mac, iPhone, whatever, if the device password doesn't match, it won't lock the device. That way, even if a hacker guesses your Apple ID and password using hacked credentials, they still can't lock the device without the Mac's login.
Score: 17 Votes (Like | Disagree)
Relentless Power Avatar
50 months ago
Macurmors quote:

"Impacted users likely used the same email addresses, account names, and passwords for multiple accounts, allowing people with malicious intent to figure out their iCloud details."

And this is exactly why I reconfigure all my passwords for my accounts on a regular basis. Stagnancy can be part of the problem.
Score: 11 Votes (Like | Disagree)
Vol7ron Avatar
50 months ago
Yup, this happened to me back in June when I installed beta 1 of MacOS High Sierra. Frustrating and embarrassing when your an IT engineer and your own device gets hacked! Had to bring it to Apple and provide proof of ownership before they would remove the lock.

And always use 2Factor. I don’t buy the second tweet about someone getting hacked with having 2FA enabled. Even if they could guess your password and the security code, your trusted device would still get a notification and you could block access.
I had 2 factor enabled, saw that someone was trying to access my account, denied them, and still had my account locked.
Score: 11 Votes (Like | Disagree)
busyscott Avatar
50 months ago
MacRumors, why are you recommending two-factor authentication if you then go onto say you can access Find My iPhone without needing 2FA??

Here's a better recommendation: turn off Find My Mac until Apple correct course and Find My iPhone requires 2FA.
Score: 10 Votes (Like | Disagree)
ILuvEggplant Avatar
50 months ago
I liked how he said "y'all"

"y'all come back now ! yah hear?!"
Score: 7 Votes (Like | Disagree)

Top Stories

AirPods Pro Beta Firmware

AirPods Pro Beta Firmware Now Available

Wednesday July 21, 2021 6:50 am PDT by
Upcoming AirPods Pro firmware updates are now available to Apple Developer Program members as beta versions. AirPods Pro firmware beta one features FaceTime Spatial Audio and Ambient Noise Reduction. Custom Transparency mode, including Conversation Boost, was initially expected to be included in the beta but appears to have been delayed for a later version. Apple made the announcement...
maxresdefault

Apple Music to Livestream Premiere of Kanye West's New Album 'Donda' on Thursday

Wednesday July 21, 2021 1:49 am PDT by
Apple Music on Thursday will host a global livestream for the premiere of Kanye West's tenth studio album, titled "Donda." The sold-out event will take place at the Mercedes-Benz Stadium in Atlanta, Georgia, and Apple Music's livestream will start at 8:00 p.m. Eastern Time. The livestream was revealed in a Beats Studio Buds ad that aired during the NBA Finals. The ad features U.S. track...
General Apps Messages

All Three Major U.S. Carriers and Google Adopt Rich Communication Services, But No Sign of Apple Interest

Tuesday July 20, 2021 1:15 pm PDT by
For the last several years, Google has been pushing a new communications protocol called Rich Communication Services, or RCS. RCS is designed to replace SMS, the current text message standard, and it offers support for higher resolution photos and videos, audio messages, bigger file sizes, better encryption, improved group chat, and more. Verizon today announced that it is planning to adopt...
ios wifi settings

Apple Confirms iOS 14.7 Fixes WiFi Bug and Many Other Vulnerabilities

Wednesday July 21, 2021 11:38 am PDT by
Following the release of iPadOS 14.7 this morning, Apple has shared details on the security updates that are included in iOS 14.7, iPadOS 14.7, macOS Big Sur 11.5, watchOS 7.6, and tvOS 14.7, all of which came out this week. Notably, Apple's documentation confirms that the iOS 14.7 and iPadOS 14.7 updates address a WiFi-related vulnerability that could impact iOS devices when joining a...
macOS Malware Feature

Common Windows Malware Can Now Infect Macs

Wednesday July 21, 2021 8:13 am PDT by
A common form of malware on Windows systems has been modified into a new strain called "XLoader" that can also target macOS (via Bleeping Computer). Derived from the Formbook info-stealer for Windows, XLoader is a form of cross-platform malware advertised as a botnet with no dependencies. It is used to steal login credentials, capture screenshots, log keystrokes, and execute malicious files. ...
macOS Big Sur Feature Orange

Apple Releases macOS Big Sur 11.5 With Podcast App Updates and Bug Fixes

Wednesday July 21, 2021 10:15 am PDT by
Apple today released macOS Big Sur 11.5, the fifth major update to the macOS Big Sur operating system that launched in November 2020. macOS Big Sur 11.5 comes two months after the release of macOS Big Sur 11.4. The new ‌‌‌‌‌macOS Big Sur‌‌‌‌ 11.5 update can be downloaded for free on all eligible Macs using the Software Update section of System Preferences. macOS Big Sur...
idos 2 app ios

Apple to Pull 'iDOS 2' DOS Emulator From App Store

Thursday July 22, 2021 3:22 pm PDT by
iDOS 2, an app designed to allow users to play classic DOS games, will soon be pulled from the App Store, the app's creator said today. According to iDOS developer Chaoji Li, he tried to submit an iDOS update with bug fixes to the App Store, but was told that the update was rejected because it violated the 2.5.2 App Store guideline that says apps cannot install or launch executable code.Durin...
airpods 3 gizmochina Feature

AirPods 3 Rumored to Launch Alongside iPhone 13 at Expected September Event

Friday July 23, 2021 12:54 am PDT by
The third-generation AirPods will likely launch at the same event revealing Apple's upcoming iPhone 13 lineup, according to a report from DigiTimes, which makes the claim citing sources familiar with the matter. The report as a whole echoes previous reporting that production of the third-generation AirPods will kickstart in August, meaning a launch shortly after can be easily expected. DigiTi...
iPad mini pro feature

Next-Generation iPad Mini Will Reportedly Feature a Mini-LED Display

Thursday July 22, 2021 9:03 am PDT by
Apple is widely rumored to be planning a new iPad mini with a significant redesign, including a larger 8.5-inch to 9-inch display with slimmer bezels, a Touch ID power button instead of a home button, a USB-C port instead of a Lightning connector, and more. According to a paywalled preview of a DigiTimes report today, the sixth-generation iPad mini will also feature a mini-LED display:BLU...
airpods 3 gizmochina Feature teal

AirPods 3 Mass Production Said to Kick Off in August

Tuesday July 20, 2021 8:40 pm PDT by
Mass production of the third-generation AirPods will kick off in August, according to a new report from Nikkei Asia. They will reportedly join a number of other products such as the iPhone 13 lineup and redesigned MacBook Pro models as launches coming before the end of the year. Renderings of rumored third-generation AirPods design Rumored launch dates for the third-generation AirPods have...